[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Proposed clean up on subject text
Conor P. Cahill wrote: >Ron Monzillo wrote on 11/12/2004, 11:01 AM: > > > > > I think you are suggesting that SC not be viewed as authorizing the > > binding of claims. I don't subscribe to that point of view. > >Statements, by definition are bound to the Subject and the Subject only. > >The subject is bound to the entity requesting the service by the >subject confirmation. The entity may be the same entity that is >described by the nameidentifier, but it also may not be. That's >the point I'm trying to make. > > I felt that was adequately conveyed by "can/MAY treat the entity presenting the assertion as ..." Mostly I don't have a problem with your rewrite, although your rewrite seems to say that an authority is saying something definitive about who (as in everybody) is authorized to use an assertion when it doesn't include subject confirmations elements. I may have misunderstood your rationale (in the previous note), but I guess it (not your proposed rewrite) was the part that caused me to respond, as I was concerned that you were suggesting that satisfing c onfirmation constraints only authorizes use of the subject not the statements in the assertion. Are you saying (above) that authorization to use the subject carries with it auithorization to use the claims? Ron >Conor > > > >To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/security-services/members/leave_workgroup.php. > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]